Project

crypto_toolchain

0.0
No commit activity in last 3 years
No release in over 3 years
crypto_toolchainffleming/crypto_toolchainHomepageDocumentationSource CodeBug TrackerWiki
A toolchain for manipulating data in a variety of cryptographic and quasi-cryptographic ways.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Popularity
Downloads
5,795
Stars
2
Forks
0
Watchers
2
 Releases
Current version
0.2.0
Total releases
3
First release
2017-11-09
Latest release
2018-06-16
 Pull Requests
Open Pull Requests
0
Closed Pull Requests
0
Merged Pull Requests
2
Pull Request Acceptance Rate
100%
 Development
Primary Language
Ruby
Licenses
MIT
Average date of last 50 commits
2017-09-25
Reverse Dependencies
0

 Dependencies

Development

bundler
~> 1.13
guard-rspec
~> 4.7
rake
~> 10.0
rspec
~> 3.0
simplecov
~> 0.15

Runtime

bigdecimal
~> 1.2
openssl
~> 2.0
pry-byebug
= 3.4
 Project Readme

Build Status

CryptoToolchain

This is a suite of tools for ruining the blue team's day with respect to crypto.

It is mostly based on the Matasano/Cryptopals challenges, because they lead you by the hand down the garden path to breaking a good number of common cryptographic vulnerabilities.

NB: These will probably never be finished

Add --tag ~slow to your .rspec file if you don't want to run slow tests.

Cryptopals progress

Set 1: Basics

  • Convert hex to base64
  • Fixed XOR
  • Single-byte XOR cipher
  • Detect single-character XOR
  • Implement repeating-key XOR
  • Break repeating-key XOR
  • AES in ECB mode
  • Detect AES in ECB mode

Set 2: Block crypto

  • Implement PKCS#7 padding
  • Implement CBC mode
  • An ECB/CBC detection oracle
  • Byte-at-a-time ECB decryption (Simple)
  • ECB cut-and-paste
  • Byte-at-a-time ECB decryption (Harder)
  • PKCS#7 padding validation
  • CBC bitflipping attacks

Set 3: Block & stream crypto

  • The CBC padding oracle
  • Implement CTR, the stream cipher mode
  • Break fixed-nonce CTR mode using substitutions
  • Break fixed-nonce CTR statistically
  • Implement the MT19937 Mersenne Twister RNG
  • Crack an MT19937 seed
  • Clone an MT19937 RNG from its output
  • Create the MT19937 stream cipher and break it

Set 4: Stream crypto & randomness

  • Break "random access read/write" AES CTR
  • CTR bitflipping
  • Recover the key from CBC with IV=Key
  • Implement a SHA-1 keyed MAC
  • Break a SHA-1 keyed MAC using length extension
  • Break an MD4 keyed MAC using length extension
  • Implement and break HMAC-SHA1 with an artificial timing leak
  • Break HMAC-SHA1 with a slightly less artificial timing leak

Set 5: Diffie-Hellman & friends

  • Implement Diffie-Hellman
  • Implement a MITM key-fixing attack on Diffie-Hellman with parameter injection
  • Implement DH with negotiated groups, and break with malicious "g" parameters
  • Implement Secure Remote Password (SRP)
  • Break SRP with a zero key
  • Offline dictionary attack on simplified SRP
  • Implement RSA
  • Implement an E=3 RSA Broadcast attack

Set 6: RSA & DSA

  • Implement unpadded message recovery oracle
  • Bleichenbacher's e=3 RSA Attack
  • DSA key recovery from nonce
  • DSA nonce recovery from repeated nonce
  • DSA parameter tampering
  • RSA parity oracle
  • Bleichenbacher's PKCS 1.5 Padding Oracle (Simple Case)
  • Bleichenbacher's PKCS 1.5 Padding Oracle (Complete Case)

Set 7: Hashes

  • CBC-MAC Message Forgery
  • Hashing with CBC-MAC
  • Compression Ratio Side-Channel Attacks
  • Iterated Hash Function Multicollisions
  • Kelsey and Schneier's Expandable Messages
  • Kelsey and Kohno's Nostradamus Attack
  • MD4 Collisions
  • RC4 Single-Byte Biases

Set 8: Abstract Algebra

  • Diffie-Hellman Revisited: Small Subgroup Confinement
  • Pollard's Method for Catching Kangaroos
  • Elliptic Curve Diffie-Hellman and Invalid-Curve Attacks
  • Single-Coordinate Ladders and Insecure Twists
  • Duplicate-Signature Key Selection in ECDSA (and RSA)
  • Key-Recovery Attacks on ECDSA with Biased Nonces
  • Key-Recovery Attacks on GCM with Repeated Nonces
  • Key-Recovery Attacks on GCM with a Truncated MAC